The i-Soon Leaks with Winnona DeSombre Bernsen
The Lawfare Podcast
The Lawfare Institute
4.7 • 6.4K Ratings
🗓️ 5 March 2024
⏱️ 38 minutes
🧾️ Download transcript
Summary
In mid-February, Chinese cybersecurity firm i-Soon appeared to suffer a massive data leak, which offered unprecedented insight into the operations of the company, known to contract for many Chinese government agencies. The more than 500 documents include conversations between employees, sales pitches, and internal documents, and expose the firm’s hacking methods, tools, and victims. They also show in what ways the offensive cyber industries in China and the U.S. are surprisingly similar.
Eugenia Lostri, Lawfare’s Fellow in Technology Policy and Law, sat down with Winnona DeSombre Bernsen, nonresident fellow at the Atlantic Council, to talk through the leaks and her research into the key similarities and differences between the Chinese companies and their counterparts. They talked about how the Chinese government hoards vulnerabilities, the similar contracting headaches that firms in the U.S. and China suffer from, and how the findings from this leak can be used to develop better norms.
You can listen to the podcast conversation, “China’s Approach to Software Vulnerabilities Reporting,” with Dakota Cary and Kristin Del Rosso here. The conversation, “Rules for Civilian Hackers in War with Tilman Rodenhäuser and Mauro Vignati” is here.
Support this show http://supporter.acast.com/lawfare.
Hosted on Acast. See acast.com/privacy for more information.
Transcript
Click on a timestamp to play from that location
| 0:00.0 | The following podcast contains advertising. |
| 0:04.0 | To access an ad-free version of the Lawfair Podcast, |
| 0:08.0 | become a material supporter of Lawfair at Patreon.com slash Lawfair. That's Patreon.com |
| 0:16.4 | slash Lawfair. Also check out Lawfair's other podcast offerings, rational security, chatter, lawfare no bull, and the aftermath. |
| 0:27.0 | Premier Chinese vulnerability researchers, as well as international vulnerability researchers, |
| 0:38.4 | come to China and they demonstrate that they can break into some of probably the most secure Western tech around. |
| 0:46.3 | We're talking about iPhones, Androids, Windows machines, most up-to-date systems that there are available. |
| 0:55.1 | And instead of other hacking competitions internationally that say, great, now that you've demonstrated |
| 1:00.5 | this, we'll go talk to the vendors so that way they could patch it. |
| 1:04.0 | All of these vulnerabilities first go through the government, the Chinese government. |
| 1:10.0 | I am Eugenia Lothri, |
| 1:12.0 | law first fellow in technology Policy and Law, and this is the Law |
| 1:15.5 | Fair podcast March 5, 2024. |
| 1:19.9 | In mid-February Chinese cyber security firm, Isun, appeared to suffer a massive data leak, which offered |
| 1:26.3 | and unprecedented insight into the operations of the company, known to contract for many Chinese |
| 1:31.9 | government agencies. |
| 1:33.0 | The more than 500 documents include conversations between employees, |
| 1:38.0 | sales pitches, and internal documents |
| 1:41.0 | and expose the firm's hacking methods, tools, and their victims. |
| 1:46.1 | They also show in what ways the offensive cyber industries in China and the U.S. are surprisingly |
| 1:52.0 | similar. |
| 1:53.6 | I sat down with Winona de Sombre Bernsen, non-resident fellow at the Atlantic Council, to talk |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from The Lawfare Institute, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of The Lawfare Institute and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.